<?php
session_start();
require('../../include/formFunctions.php');
if(isset($_SESSION['admin_id'])) {
    include "../../include/dbFunctions.php";
    if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
        //Check if it's size is less than 350Kb
        $filename = newname(basename($_FILES['uploaded_file']['name']));
        $ext = substr($filename, strrpos($filename, '.') + 1);
        if (($_FILES["uploaded_file"]["size"] < 350000)) {
            //Determine the path to which we want to save this file
            $newname = dirname(__FILE__).'/../../upload/cv/'.$filename;
            //Check if the file with the same name is already exists on the server
            if (!file_exists($newname)) {
                //Attempt to move the uploaded file to it's new place
                if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
                    $_SESSION['mes'] = "File has been uploaded.";
                    //now insert
                } else {$filename="";
                    $_SESSION['mes'] = "Error in file upload. ";
                }
            } else {$filename="";
                $_SESSION['mes'] = "Error in file upload.  ";
            }
        } else {$filename="";
            $_SESSION['mes'] = "Error: Only file under 350Kb are accepted for upload";
        }
    } else {$filename="";
        $_SESSION['mes'] = "No file uploaded.";
    }
    $email = $_POST['email'];
    $query_check ="SELECT volunteer_name FROM volunteer WHERE volunteer_email = '".$email."'";
    $result_check = executeSelectQuery($query_check);
    $no = count($result_check);
    if ($no!=0) {
        $_SESSION['mes']="This email has been registered by ".$result_check[0]['volunteer_name'];
        $link = "volunteerManage.php";
    } else {
        $salutation = $_POST['salutation'];
        $given = htmlspecialchars($_POST['given'],ENT_QUOTES);
        $family = htmlspecialchars($_POST['family'],ENT_QUOTES);
        $gender = htmlspecialchars($_POST['gender'],ENT_QUOTES);
        $office = htmlspecialchars($_POST['office'],ENT_QUOTES);
        $mobile = htmlspecialchars($_POST['mobile'],ENT_QUOTES);
        $sponsor = $_POST['sponsor'];
        $email = htmlspecialchars($_POST['email']);
        $job = htmlspecialchars($_POST['job'],ENT_QUOTES);
        $exp = htmlspecialchars($_POST['exp'],ENT_QUOTES);
        $ref = htmlspecialchars($_POST['ref'],ENT_QUOTES);
        $comment = htmlspecialchars($_POST['comment'],ENT_QUOTES);
        $filename="";

        if (isset($_POST['education'])) {
            $education = $_POST['education'];
        } else {
            $education = Array(0,1,2,3,4);
        }
        if (isset($_POST['location'])) {
            $location = $_POST['location'];
        } else {
            $location = Array(0,1,2,3,4);
        }
        $status = 'active';
        //timeslot
        $daya = Array();
        $day = $_POST['day'];
        if ($day =='2') {
            $daya[]=0;
            $daya[]=1;
        } elseif ($day=='0') {
            $daya[]=0;
        } elseif ($day=='1') {
            $daya[]=1;
        }
        $password =  SHA1("PASSW0RD");
//update volunteer table
        $query1 = "INSERT INTO volunteer (volunteer_surname,
                                volunteer_firstname,
                                volunteer_password,
                                volunteer_email,
                                volunteer_mobile,
                                volunteer_office,
                                volunteer_salutation,
                                volunteer_gender,
                                volunteer_experience,
                                volunteer_reference,
                                volunteer_profession,
                                volunteer_status,
                                volunteer_cv,
                                sponsor_id,
                                volunteer_comment)
            VALUES  ('".$family."',
                    '".$given."',
                    '".$password."',
                    '".$email."',
                    '".$mobile."',
                    '".$office."',
                    '".$salutation."',
                    '".$gender."',
                    '".$exp."',
                    '".$ref."',
                    '".$job."',
                    '".$status."',
                    '".$filename."',
                    '".$sponsor."',
                    '".$comment."')";
        $result1 = executeQuery($query1);
        $queryget = "SELECT volunteer_id FROM volunteer ORDER BY volunteer_id DESC LIMIT 1";
        $array = executeSelectQuery($queryget);
        $vid = $array[0]['volunteer_id'];
//insert education_preference table
        for ($i=0;$i<count($education);$i++) {
            $education_id = $education[$i];
            $query3 = "INSERT INTO education_preference (volunteer_id,education_id) VALUES ($vid,$education_id)";
            $result3 = executeQuery($query3);
        }
//insert location_preference table
        for ($i=0;$i<count($location);$i++) {
            $location_id = $location[$i];
            $query5 = "INSERT INTO location_preference (volunteer_id,location_id) VALUES ($vid,$location_id)";
            $result5 = executeQuery($query5);
        }
//insert timeslot preference table
        for ($i=0;$i<count($daya);$i++) {
            $tid = $daya[$i];
            $query2 = "INSERT INTO time_preference (volunteer_id,time_id) VALUES ('".$vid."','".$tid."')";
            $result2  = executeQuery($query2);
        }
        if (($result1!=0)&($result2!=0)&($result3!=0)&($result5!=0)) {
            $_SESSION['mes']="New volunteer has been added successfully";
            $link = "../volunteerView.php?id=$vid";
        } else {
            $_SESSION['mes']="Error! Please try again";
            $link = "../volunteerManage.php";
        }
    }
    header("Location: $link");
    /*
echo "ID: ".$vid."<br/>";
echo $salutation."<br/>";
echo $name."<br/>";
echo $gender."<br/>";
echo $email."<br/>";
echo $office."<br/>";
echo $mobile."<br/>";
echo $address."<br/>";
echo $sponsor."<br/>";
print_r($education);
print_r($location);
print_r($tid_array);
    */
    ?>
    <?php
}else {
    header("Location: ../include/login.html");
}
?>